Why didn't they teach us in math that integers can "overflow"...
The most serious of the three vulnerabilities involves the Windows LoadImage API function. That bug was described as an integer overflow that could be exploited via browsers or e-mail client software. Users who open an HTML message or Web page bearing the image could face security risks.

Here's to a New Year where more programmers use agile languages where integers behave more like you learned in math class.
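To make the "integers overflow" point concrete, here is an added example (my code, not the original post's and not Windows or LoadImage code) of the shape this class of bug usually takes in an image loader: a buffer size computed from attacker-controlled header fields in 32-bit arithmetic, beside a version that checks each multiplication before performing it. The header layout (three little-endian 32-bit fields: width, height, bytes per pixel) and the sample header bytes are constructed for the example.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical header layout, constructed for this example: three
 * little-endian uint32 fields, as many real image formats carry. */
struct img_hdr {
    uint32_t width;
    uint32_t height;
    uint32_t bytes_per_pixel;
};

static uint32_t le32(const uint8_t *p)
{
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 |
           (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* Parse the 12-byte header from untrusted input. */
static void parse_hdr(const uint8_t buf[12], struct img_hdr *h)
{
    h->width = le32(buf);
    h->height = le32(buf + 4);
    h->bytes_per_pixel = le32(buf + 8);
}

/* Vulnerable: the product is computed in 32-bit unsigned arithmetic, so it
 * wraps modulo 2^32. A crafted header makes this small while the pixel data
 * that follows is huge; copying the pixels into the buffer then runs off
 * the end of the heap allocation. */
static uint32_t naive_buffer_size(const struct img_hdr *h)
{
    return h->width * h->height * h->bytes_per_pixel;
}

/* Hardened: refuse zero dimensions and check each multiplication before
 * doing it. Returns 0 and sets *out on success, -1 if the size would wrap. */
static int checked_buffer_size(const struct img_hdr *h, uint32_t *out)
{
    uint32_t area;
    if (h->width == 0 || h->height == 0 || h->bytes_per_pixel == 0)
        return -1;
    if (h->width > UINT32_MAX / h->height)
        return -1;                          /* width * height would wrap */
    area = h->width * h->height;
    if (area > UINT32_MAX / h->bytes_per_pixel)
        return -1;                          /* area * bpp would wrap */
    *out = area * h->bytes_per_pixel;
    return 0;
}

/* Allocate the pixel buffer using the checked size; NULL on overflow or
 * allocation failure, so the caller can fail closed instead of copying. */
static void *alloc_pixels(const struct img_hdr *h)
{
    uint32_t n;
    if (checked_buffer_size(h, &n) != 0)
        return NULL;
    return malloc(n);
}

int main(void)
{
    /* Constructed header: width 0x4000, height 0x10001, 4 bytes per pixel.
     * True size is 0x100010000 bytes (over 4 GiB); 32-bit arithmetic yields
     * 0x10000, a 64 KiB allocation. */
    static const uint8_t evil[12] = {
        0x00, 0x40, 0x00, 0x00,   /* width  = 0x00004000 */
        0x01, 0x00, 0x01, 0x00,   /* height = 0x00010001 */
        0x04, 0x00, 0x00, 0x00,   /* bpp    = 4 */
    };
    struct img_hdr h;
    uint32_t n;

    parse_hdr(evil, &h);
    printf("naive size:   %u bytes\n", naive_buffer_size(&h));
    if (checked_buffer_size(&h, &n) == 0)
        printf("checked size: %u bytes\n", n);
    else
        printf("checked size: rejected (would overflow)\n");
    return 0;
}
```

The division-based checks are deliberately portable C; on GCC and Clang the same guard can be written with `__builtin_mul_overflow`, and a language with checked arithmetic (the point of the post) would have raised on the first multiplication without any of this code.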
3 comments:
Here's to a New Year where more programmers use languages where integers behave more like you learned in the History of Computing class!
Languages which perform runtime checks on integers and arrays!
"The first principle was security: ... A consequence of this principle is that every occurrence of every subscript of every subscripted variable was on every occasion checked at run time against both the upper and the lower declared bounds of the array. Many years later we asked our customers whether they wished us to provide an option to switch off these checks in the interests of efficiency on production runs. Unanimously, they urged us not to -- they already knew how frequently subscript errors occur on production runs where failure to detect them could be disastrous."
The Emperor's Old Clothes, CAR Hoare (remembering the design of Algol 60 in 1961)
http://www.braithaite-lee.com/opinions/p75-hoare.pdf
You can get checks like this with Ada, which is not an agile programming language.
That was the point!
Old fashioned languages like Ada, all Wirth's languages, several pure functional languages, (even C#) ... all provide run-time checks for integer-overflow and array-bounds.
It's a problem with the usual suspects - the C family languages (iirc Java doesn't check overflow) - and has nothing to do with "agile".